Penn Computing

Penn Computing

Computing Menu Computing A-Z
Computing Home Information Systems & Computing Penn

 

Sunday, September 21, 2014

 
  New Resources
Travel Tips for Data Security
Free Security/Privacy Training Resources
Penn+Box
Two-step verification
Combating Malware
SafeDNS
Phishing Archive
Cloud Computing and Data Outsourcing
Best Practices for Applications with Confidential University Data
 
  Security "Greatest Hits"
Managing Passwords
E-mail Harassment & Forgery
Hoaxes, frauds & scams
Spam
Phishing
Wireless Networking
Encryption & digital signatures
 
  Best Practices
Secure desktop computing
Secure servers
Secure data deletion
Securing printers
Tips for safe computing
Computing policies
 
  More in-depth information for
Local support providers
System administrators
 
  Security initiatives
Critical host compliance
Authentication & authorization
Penn Security & Privacy Assessment (SPIA)
Security Liaisons (Restricted Access)
Secure Share
Secure Space
Vulnerability Scanner
 
  Related links
Electronic privacy
PennKey
Viruses
Worms, trojans, backdoors

Searching for Sensitive Data

The unintentional disclosure of sensitive data (Social Security Numbers, credit card or student information, etc.) can result in privacy risks to individuals, and serious compliance, financial and reputational risks to the University.

In addition to manually checking your systems for sensitive data on a regular basis, you may wish to use an automated tool to help identify sensitive data on machines that are your responsibility.

Identity Finder

The Office of Information Security currently recommends using Identity Finder

It is strongly recommended that prior to installing and using Identity Finder you consult with your Local Support Provider and, if necessary or appropriate, obtain his/her assistance in running the program and interpreting results. Be aware that there will almost certainly be a number of "false positives", i.e., data that the program flags as sensitive which, upon inspection, turns out not to be so. Having experienced support staff to help you interpret scan results can alleviate a lot of unnecessary concern.

Penn makes Identity Finder available via site licensing at a nominal cost through the Office of Software Licensing. A link to the online order form is here.

Other Tools

Other Universities have also developed sensitive data scanning tools. Although they are not currently supported, they include:

http://www.cit.cornell.edu/computer/security/tools/

http://www.purdue.edu/securepurdue/services/scanningTools.cfm

https://source.its.utexas.edu/groups/its-iso/projects/senf/

Last updated: Wednesday, June 9, 2010

top

Information Systems and Computing
University of Pennsylvania
Comments & Questions


Penn Computing University of Pennsylvania
Information Systems and Computing, University of Pennsylvania